PCI-DSS – Page 3 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Online Merchants: PCI DSS Compliance Tips When Outsourcing

Common challenges for SAQ A/e-commerce merchants and how to resolve them E-commerce merchants, by definition, accept card payments. So, they’re subject to the PCI DSS (Payment Card Industry Data Security Standard). This standard, currently at v4.0.1 (a limited revision to PCI DSS v4.0), contains 277 sub-requirements. However, you can reduce your scope to drastically lower the number of requirements you must meet, thereby significantly reducing your compliance burden. Example: Online merchants can aim for SAQ A This SAQ (self-assessment questionnaire) contains just 31 questions (1 per applicable sub-requirement). To qualify, you must fully outsource your account data functions. As an

The post Online Merchants: PCI DSS Compliance Tips When Outsourcing appeared first on IT Governance UK Blog.

August 15, 2024

0 comment

Resource Guide: Vulnerability Scans and Approved Scanning Vendors

The PCI Data Security Standard (PCI DSS) has long included requirements for external vulnerability scans conducted by PCI Approved Scanning Vendors (ASVs), and these requirements have also been included in prior versions of some Self-Assessm…

July 10, 2024

0 comment

Coffee with the Council Podcast: Meet Three Qualified Security Assessors Who Completed the Council’s AQSA Mentorship Program and Advanced Their Careers

Welcome to our podcast series, Coffee with the Council. I’m Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. In this episode, we’ll meet three Qualified Security Assessors, or QSAs. A QSA compan…

July 9, 2024

0 comment

Just Published: PCI DSS v4.0.1

To address stakeholder feedback and questions received since PCI DSS v4.0 was published in March 2022, the PCI Security Standards Council (PCI SSC) has published a limited revision to the standard, PCI DSS v4.0.1. It includes corrections to …

June 11, 2024

0 comment

Coffee with the Council Podcast: Help Shape the Future of Payment Security as a PCI SSC Participating Organization

Welcome to our podcast series, Coffee with the Council. I’m Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. At our Community Meetings in 2022, the Council announced a significant change to its …

April 29, 2024

0 comment

Coffee with the Council Podcast: Meet the Council’s New Executive Director Gina Gobeyn

Welcome to our podcast series, Coffee with the Council. I’m Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. Today I am thrilled to introduce the Council’s new Executive Director, Gina Gobeyn. G…

February 29, 2024

0 comment

Coffee with the Council Podcast: A Panel Discussion from Asia-Pacific Hosted by Yew Kuann Cheng

Hello everyone. Welcome to another edition of our podcast series, Coffee with the Council. Hello from very sunny Singapore. I just enjoyed my cup of coffee. Or locally we will say “Kopi Siew Dai” or “coffee with milk, with less sugar”….

February 2, 2024

0 comment

PCI DSS v3.2.1 is Retiring on 31 March 2024 – Are You Ready?

With 31 March 2024 rapidly approaching, Lauren Holloway, Director, Data Security Standards, shares some key questions, answers, and resources to help entities successfully transition to PCI DSS v4.0.

January 31, 2024

0 comment

Limited Revision Planned for PCI DSS v4.0

To address stakeholder feedback and questions received since PCI DSS v4.0 was published in March 2022, PCI SSC is planning a limited revision of the standard. Proposed changes include correcting format and typographical errors and clarifying…

December 14, 2023

0 comment

Just Published: PCI DSS v4.x Targeted Risk Analysis Guidance

Risk analysis is a foundational tool to help organizations identify and prioritize potential threats and vulnerabilities within their environment. PCI DSS v4.0 introduced the concept of targeted risk analysis (TRA) with two different t…

November 28, 2023

0 comment

1 2 3 4 5 6